Cyber Security and the National Central Banks

Cyber Security and the National
Central Banks
CPEXPO Community Protection
Genova, October 30th 2013

Servizio Innovazione e sviluppo informatico
Divisione Architettura, infrastrutture e sicurezza

1

AGENDA

1. Introduction

2. The Cyber Threat from a National Central Bank
Perspective
3. The Cyber Crime Economy
4. Trend prediction
5. The Central Bank Response
6. Conclusion

2

1. INTRODUCTION
Changes in IT 1/2

• “Anytime, anywhere, any platform” access to systems
• Open source platforms adopted in order to improve
access to “best of breed” technology
• “Time-to-market”: pressure for new systems/applications
• Knowledge workers, big data e business intelligence

• Social media

3

1. INTRODUCTION
Challenges for central banks

• Increasing complexity in IT systems  larger
attack surface
• IT systems integrating different business lines 
interdependences increase
• External counterparties and service providers
involved in business processes  appropriate trust
model


4

1. INTRODUCTION
Issues to be tackled by security experts 1/2

• Can the IT continue to meet the needs of the business
while maintaining an appropriate security level?
– Not only preventive countermeasures: reactive controls

• Are IT services and infrastructure protected from Cyber
Threat?
– The new threats must be assessed against Confidentiality,
Integrity and Availability criteria having in mind the
countermeasures in place

• Are the business line aware of the new Cyber Threat
risks?
– Mitigation of perceived risks only


5

1. INTRODUCTION
Issues to be tackled by security experts 2/2

• Is the trust model still valid?
– “Security control“ of counterparties and information services

• Are all information flows under control?
– “Control” of the unstructured flow (e.g. Social Media)

• Do we spend too much or too little for the security of the
information?
– Return on Security Investment (e.g. ROSI approach)

• What are the information I “do not know”?
– We must be aware that countering Cyber Crime requires effort
in gathering relevant information

6

2. THE CYBER THREAT FROM A NATIONAL CENTRAL
BANK PERSPECTIVE
The attackers

•
•
•
•

Who are the attackers?
What are their motivations?
What are their goals?
What methods do they use?


7

BANK PERSPECTIVE
The motivations

Attackers

Motivations

1.

Hactivists

Anti-globalization, anti-capitalism

2.

Terrorists

Ideology, political change, power, money

3.

Politically motivated

Geo-political reasons, financial benefits

4.

Criminal
organizations

Money, retaliation

5.

Employees

Retaliation, personal gain, coercion

6.

Occasional Hackers

Reputation, curiosity


8

BANK PERSPECTIVE
The goals and methods

Goal of the Cyber Attack Method of the Cyber Attack
1.

Web site defacement

Web applications attacks

2.

DoS / DDoS

Botnets

3.

Information theft

Advanced Persistent threats (APT), Malware, Hacking,
Social Engineering

4.

Information leakage

WikiLeaks, Social Media, Forum, Web Sites

5.

Sabotage

Disabling / Bypassing security systems

6.

Intrusion

Social Engineering, Malware, APT

7.

Fraud

Social Engineering, Hacking, Malware

8.

Corruption

Unreliable internal employees

9.

Other illegal activities

Abuse of resources


9

3. THE CYBER CRIME ECONOMY
• Cyber Crime: hidden economy in good health and little affected by
increased sensitivity to security:
– $ 114 billion direct costs (Symantec, 2011)
– $ 110 billion direct costs (Symantec, 2012)

• Human Resources (hackers for hire)
• Crime-as-a-service
– "eBay”-style procurement of Cyber Attack services (viruses, k-loggers, etc.)
– Electronic payments on the "BitCoin” model
– On-demand Cyber Attacks

• Goods

Ware
Malware (source code)
« Exploit pack » (es. ZEUS)
Malware installation
Zero day exploit


price (USD)
$100 – $100,000
$150 – $2,200
$6 – $150 (1,000 installations)
$100,000 – $5,000,000
10

4. TREND PREDICTION

• More data leakages
• More politically motivated operations

• More professional malware (also on mobile devices)
• More tailor-made exploit code and attacks
• Less time for all of us to react


11

5. THE CENTRAL BANK RESPONSE – 1/3

• Cyber Risk Governance
– The management of Cyber Risk has been included in the
operational risk management framework (ORM)
– Cyber Risks have been often included in the corporate risk
management framework (ERM)
– The governance of Cyber Risk has been changing in order to
speed up the processes of decision making and incident
management

• Risk Management
– A gap analysis is in progress regarding the systems potentially
vulnerable to an attack and the existing controls at business and IT
level
– The current trust model toward external counterparties is under
assessment
– Personnel involved in critical operations or dealing with sensitive
information is subject to specific screening

12


• Business Continuity
– The procedures to assess the extent of damage caused by an
attack are speeded
– The opportunity is considered to carry on business operations even
with IT systems under attack
– Communication processes are defined to re-establish an
appropriate level of trust internally and with external counterparties

• Awareness
– Increase of Information Security training programs
– The Central Bank senior management and the risk Committees are
regularly informed about the risk situation
– Increase of testing in Cyber Attack response plans


13


• Strengthening of security measures for critical
applications and systems
– Connections to un-trusted networks are limited
– Privileged access to applications, data, operations is
minimized

• Reference to best practices issued by international
organizations in the industry and / or government
– Adoption of Cyber Resilience models issued by WEF, ISF,
OECD is under evaluation


14

6. CONCLUSION

• The risk associated with Cyber Threat is not just an IT problem 
responses should be coordinated with the other security teams
(physical security, business continuity)
• The attacks complexity increases  detection is increasingly linked
to the recognition of abnormal behaviour
• Cyber Attacks will tend to target the weakest link in the chain (e.g.
social engineering)
• The identity management and authentication functions must be
strengthened
• Information sharing and collaboration of like-minded institutions are
becoming increasingly important

15


16

Cyber Security and the National Central Banks

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Semelhante a Cyber Security and the National Central Banks

Semelhante a Cyber Security and the National Central Banks (20)

Mais de Community Protection Forum

Mais de Community Protection Forum (20)

Último

Último (20)

Cyber Security and the National Central Banks